[git] GPGME - branch, master, updated. gpgme-1.7.0-39-ge7ceb83

by Andre Heinecke cvs at cvs.gnupg.org
Mon Oct 10 17:43:21 CEST 2016


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".

The branch, master has been updated
       via  e7ceb83a5969581f5e1b0b6a69d18a93b594f6d4 (commit)
       via  b6b820bff14a9aa8fa67755b246c90062ffdba14 (commit)
       via  34e9dfee81958160f6604849b63369ae4de67417 (commit)
       via  f131a5e72b0881cafcc3b0a91da8f050af2684a6 (commit)
      from  098a2da15b1b46b145add623dec0488abd39bd74 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit e7ceb83a5969581f5e1b0b6a69d18a93b594f6d4
Author: Andre Heinecke <aheinecke at intevation.de>
Date:   Mon Oct 10 17:42:10 2016 +0200

    Add NEWS for cpp and qt, bump cpp version
    
    * NEWS: Add entries for cpp and qt changes.
    * configure.ac: Bump cpp version because of added API.

diff --git a/NEWS b/NEWS
index 86e1d4f..dff8e47 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,14 @@ Noteworthy changes in version 1.7.1 (unreleased) [C26/A15/R_]
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  gpgme_addrspec_from_uid         NEW.
 
+ * qt Interface changes relative to the 1.7.0 release:
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ WksPublishJob::startReceive     NEW.
+ WksPublishJob::startRecieve     REMOVED.
+
+ * cpp Interface changes relative to the 1.7.0 release:
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Signature::key(bool, bool)      NEW.
 
 Noteworthy changes in version 1.7.0 (2016-09-21) [C26/A15/R0]
 ------------------------------------------------
diff --git a/configure.ac b/configure.ac
index bc4aad9..64f9385 100644
--- a/configure.ac
+++ b/configure.ac
@@ -62,7 +62,7 @@ LIBGPGME_LT_AGE=15
 LIBGPGME_LT_REVISION=0
 
 LIBGPGMEPP_LT_CURRENT=6
-LIBGPGMEPP_LT_AGE=0
+LIBGPGMEPP_LT_AGE=1
 LIBGPGMEPP_LT_REVISION=2
 
 LIBQGPGME_LT_CURRENT=7

commit b6b820bff14a9aa8fa67755b246c90062ffdba14
Author: Andre Heinecke <aheinecke at intevation.de>
Date:   Mon Oct 10 17:38:43 2016 +0200

    Add convenience function to get key from sig
    
    * lang/cpp/src/verificationresult.cpp (Signature::key(bool, bool)):
    New. Can be used to search / update the key associcated with this
    signature.
    
    --
    By using update a caller can ensure that an incomplete key
    obtainable through the new key() function is fully loaded.
    With search the key can be looked up in the internal keyring.
    
    As the results are cached this can be done in the crypto thread
    and the result then better used in the UI thread.

diff --git a/lang/cpp/src/verificationresult.cpp b/lang/cpp/src/verificationresult.cpp
index a7b073e..23c458e 100644
--- a/lang/cpp/src/verificationresult.cpp
+++ b/lang/cpp/src/verificationresult.cpp
@@ -29,6 +29,7 @@
 #include "result_p.h"
 #include "util.h"
 #include "key.h"
+#include "context.h"
 
 #include <gpgme.h>
 
@@ -121,6 +122,7 @@ public:
     std::vector<GpgME::Key> keys;
     std::vector<char *> purls;
     std::string file_name;
+    Protocol proto;
 };
 
 GpgME::VerificationResult::VerificationResult(gpgme_ctx_t ctx, int error)
@@ -145,6 +147,10 @@ void GpgME::VerificationResult::init(gpgme_ctx_t ctx)
         return;
     }
     d.reset(new Private(res));
+    gpgme_protocol_t proto = gpgme_get_protocol(ctx);
+    d->proto = proto == GPGME_PROTOCOL_OpenPGP ? OpenPGP :
+               proto == GPGME_PROTOCOL_CMS ? CMS :
+               UnknownProtocol;
 }
 
 make_standard_stuff(VerificationResult)
@@ -386,6 +392,32 @@ GpgME::Key GpgME::Signature::key() const
     return d->keys[idx];
 }
 
+GpgME::Key GpgME::Signature::key(bool search, bool update) const
+{
+    if (isNull()) {
+        return Key();
+    }
+
+    GpgME::Key ret = key();
+    if (ret.isNull() && search) {
+        auto ctx = Context::createForProtocol (d->proto);
+        if (ctx) {
+            ctx->setKeyListMode(KeyListMode::Local |
+                        KeyListMode::Signatures |
+                        KeyListMode::SignatureNotations |
+                        KeyListMode::Validate |
+                        KeyListMode::WithTofu);
+            Error e;
+            ret = d->keys[idx] = ctx->key(fingerprint(), e, false);
+            delete ctx;
+        }
+    }
+    if (update) {
+        ret.update();
+    }
+    return ret;
+}
+
 class GpgME::Notation::Private
 {
 public:
diff --git a/lang/cpp/src/verificationresult.h b/lang/cpp/src/verificationresult.h
index 93288af..b6d1d8c 100644
--- a/lang/cpp/src/verificationresult.h
+++ b/lang/cpp/src/verificationresult.h
@@ -163,6 +163,27 @@ public:
      * set or the associated TOFU Information if applicable. */
     GpgME::Key key() const;
 
+    /* Search / Update the key of this signature.
+     *
+     * Same as above but if search is set to true this will
+     * either update the key provided by the engine or search
+     * the key in the engine. The key is cached.
+     *
+     * As this involves an engine call it might take some time
+     * to finish so it should be avoided to do this in a UI
+     * thread. The result will be cached and no engine call
+     * will be done if update is set to false and a key is
+     * already cached.
+     *
+     * If no key was provided by the engine this will look
+     * up the key so this call might block while the engine
+     * is called to obtain the key.
+     *
+     * If both search and update are false this is the same
+     * as calling key()
+     */
+    GpgME::Key key(bool search, bool update) const;
+
 private:
     std::shared_ptr<VerificationResult::Private> d;
     unsigned int idx;

commit 34e9dfee81958160f6604849b63369ae4de67417
Author: Andre Heinecke <aheinecke at intevation.de>
Date:   Mon Oct 10 17:36:41 2016 +0200

    cpp: Return null key if the signature had no key
    
    * lang/cpp/src/verificationresult.cpp (Private): Add null key
    to list when there is no key associated with the signature.
    
    --
    This fixes an out of bounds read when a verification did
    not have a key.

diff --git a/lang/cpp/src/verificationresult.cpp b/lang/cpp/src/verificationresult.cpp
index be33ca2..a7b073e 100644
--- a/lang/cpp/src/verificationresult.cpp
+++ b/lang/cpp/src/verificationresult.cpp
@@ -72,6 +72,8 @@ public:
             // copy keys
             if (scopy->key) {
                 keys.push_back(Key(scopy->key, true));
+            } else {
+                keys.push_back(Key());
             }
             // copy notations:
             nota.push_back(std::vector<Nota>());

commit f131a5e72b0881cafcc3b0a91da8f050af2684a6
Author: Andre Heinecke <aheinecke at intevation.de>
Date:   Mon Oct 10 15:22:17 2016 +0200

    qt: Add simple verify test
    
    * lang/qt/tests/t-verify.cpp: New. Small test if a signature
    returns a key with fingerprint.
    * lang/qt/tests/Makefile.am: Add new test.

diff --git a/lang/qt/tests/Makefile.am b/lang/qt/tests/Makefile.am
index 72ea324..ad08ad4 100644
--- a/lang/qt/tests/Makefile.am
+++ b/lang/qt/tests/Makefile.am
@@ -25,10 +25,10 @@ TESTS_ENVIRONMENT = GNUPGHOME=$(abs_builddir)
 EXTRA_DIST = initial.test
 
 TESTS = initial.test t-keylist t-keylocate t-ownertrust t-tofuinfo \
-        t-encrypt
+        t-encrypt t-verify
 
 moc_files = t-keylist.moc t-keylocate.moc t-ownertrust.moc t-tofuinfo.moc \
-            t-encrypt.moc t-support.hmoc t-wkspublish.moc
+            t-encrypt.moc t-support.hmoc t-wkspublish.moc t-verify.moc
 
 AM_LDFLAGS = -no-install
 
@@ -56,6 +56,7 @@ t_ownertrust_SOURCES = t-ownertrust.cpp $(support_src)
 t_tofuinfo_SOURCES = t-tofuinfo.cpp $(support_src)
 t_encrypt_SOURCES = t-encrypt.cpp $(support_src)
 t_wkspublish_SOURCES = t-wkspublish.cpp $(support_src)
+t_verify_SOURCES = t-verify.cpp $(support_src)
 run_keyformailboxjob_SOURCES = run-keyformailboxjob.cpp
 
 nodist_t_keylist_SOURCES = $(moc_files)
@@ -63,7 +64,7 @@ nodist_t_keylist_SOURCES = $(moc_files)
 BUILT_SOURCES = $(moc_files)
 
 noinst_PROGRAMS = t-keylist t-keylocate t-ownertrust t-tofuinfo t-encrypt \
-    run-keyformailboxjob t-wkspublish
+    run-keyformailboxjob t-wkspublish t-verify
 
 CLEANFILES = secring.gpg pubring.gpg pubring.kbx trustdb.gpg dirmngr.conf \
 	gpg-agent.conf pubring.kbx~ S.gpg-agent gpg.conf pubring.gpg~ \
diff --git a/lang/qt/tests/t-verify.cpp b/lang/qt/tests/t-verify.cpp
new file mode 100644
index 0000000..aedfc19
--- /dev/null
+++ b/lang/qt/tests/t-verify.cpp
@@ -0,0 +1,93 @@
+/* t-verifiy.cpp
+
+    This file is part of qgpgme, the Qt API binding for gpgme
+    Copyright (c) 2016 Intevation GmbH
+
+    QGpgME is free software; you can redistribute it and/or
+    modify it under the terms of the GNU General Public License as
+    published by the Free Software Foundation; either version 2 of the
+    License, or (at your option) any later version.
+
+    QGpgME is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+    General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+
+    In addition, as a special exception, the copyright holders give
+    permission to link the code of this program with any edition of
+    the Qt library by Trolltech AS, Norway (or with modified versions
+    of Qt that use the same license as Qt), and distribute linked
+    combinations including the two.  You must obey the GNU General
+    Public License in all respects for all of the code used other than
+    Qt.  If you modify this file, you may extend this exception to
+    your version of the file, but you are not obligated to do so.  If
+    you do not wish to do so, delete this exception statement from
+    your version.
+*/
+#ifdef HAVE_CONFIG_H
+ #include "config.h"
+#endif
+
+#include <QDebug>
+#include <QTest>
+
+
+#include "protocol.h"
+
+#include "verifyopaquejob.h"
+#include "verificationresult.h"
+#include "key.h"
+#include "t-support.h"
+
+using namespace QGpgME;
+using namespace GpgME;
+
+static const char testMsg1[] =
+"-----BEGIN PGP MESSAGE-----\n"
+"\n"
+"owGbwMvMwCSoW1RzPCOz3IRxjXQSR0lqcYleSUWJTZOvjVdpcYmCu1+oQmaJIleH\n"
+"GwuDIBMDGysTSIqBi1MApi+nlGGuwDeHao53HBr+FoVGP3xX+kvuu9fCMJvl6IOf\n"
+"y1kvP4y+8D5a11ang0udywsA\n"
+"=Crq6\n"
+"-----END PGP MESSAGE-----\n";
+
+
+class VerifyTest: public QGpgMETest
+{
+    Q_OBJECT
+
+private Q_SLOTS:
+
+    /* Check that a signature always has a key. */
+    void testSignatureKey()
+    {
+        const QByteArray signedData(testMsg1);
+        auto verifyJob = openpgp()->verifyOpaqueJob(true);
+        QByteArray verified;
+
+        auto result = verifyJob->exec(signedData, verified);
+        Q_ASSERT(!result.error());
+        delete verifyJob;
+
+        Q_ASSERT(result.numSignatures() == 1);
+        auto sig = result.signatures()[0];
+
+        const auto key = sig.key(true, false);
+        Q_ASSERT(!key.isNull());
+
+        bool found = false;
+        for (const auto subkey: key.subkeys()) {
+            if (!strcmp (subkey.fingerprint(), sig.fingerprint())) {
+                found = true;
+            }
+        }
+        Q_ASSERT(found);
+    }
+};
+
+QTEST_MAIN(VerifyTest)
+#include "t-verify.moc"

-----------------------------------------------------------------------

Summary of changes:
 NEWS                                               |  8 ++
 configure.ac                                       |  2 +-
 lang/cpp/src/verificationresult.cpp                | 34 ++++++++
 lang/cpp/src/verificationresult.h                  | 21 +++++
 lang/qt/tests/Makefile.am                          |  7 +-
 .../qgpgmeverifyopaquejob.h => tests/t-verify.cpp} | 95 ++++++++++++----------
 6 files changed, 120 insertions(+), 47 deletions(-)
 copy lang/qt/{src/qgpgmeverifyopaquejob.h => tests/t-verify.cpp} (52%)


hooks/post-receive
-- 
GnuPG Made Easy
http://git.gnupg.org




More information about the Gnupg-commits mailing list